mirror of
https://github.com/OrchardCMS/Orchard.git
synced 2025-09-20 02:37:55 +08:00
MachineKey validation during Setup, with automatic proposed values
--HG-- branch : dev
This commit is contained in:
Sebastien Ros
@@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
|
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
|
||||||
<system.web>
|
<system.web>
|
||||||
<machineKey xdt:Transform="Insert" validationKey="013B82F217ABB7EAB1F699E4E5B4D290030644D435994692354DAE82B06568B058BFE3C57BF199A41FFDBC84F3BC74D9C5BD96D1265F36A22D58347B591AC8DD" decryptionKey="04797035C490263D73ED991C84C5DFCD0D0206AD4F12BC3638A38FBEABEBB8C7" validation="SHA1" decryption="AES" />
|
<machineKey xdt:Transform="Insert" validationKey="AutoGenerate" decryptionKey="AutoGenerate" validation="SHA1" decryption="AES" />
|
||||||
</system.web>
|
</system.web>
|
||||||
<system.web.extensions xdt:Transform="Remove" />
|
<system.web.extensions xdt:Transform="Remove" />
|
||||||
</configuration>
|
</configuration>
|
||||||
@@ -2,7 +2,7 @@
|
|||||||
|
|
||||||
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
|
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
|
||||||
<system.web>
|
<system.web>
|
||||||
<machineKey xdt:Transform="Insert" validationKey="013B82F217ABB7EAB1F699E4E5B4D290030644D435994692354DAE82B06568B058BFE3C57BF199A41FFDBC84F3BC74D9C5BD96D1265F36A22D58347B591AC8DD" decryptionKey="04797035C490263D73ED991C84C5DFCD0D0206AD4F12BC3638A38FBEABEBB8C7" validation="SHA1" decryption="AES" />
|
<machineKey xdt:Transform="Insert" validationKey="AutoGenerate" decryptionKey="AutoGenerate" validation="SHA1" decryption="AES" />
|
||||||
</system.web>
|
</system.web>
|
||||||
<system.web.extensions xdt:Transform="Remove" />
|
<system.web.extensions xdt:Transform="Remove" />
|
||||||
</configuration>
|
</configuration>
|
||||||
@@ -1,5 +1,9 @@
|
|||||||
using System;
|
using System;
|
||||||
|
using System.Configuration;
|
||||||
|
using System.Security.Cryptography;
|
||||||
|
using System.Web.Configuration;
|
||||||
using System.Web.Mvc;
|
using System.Web.Mvc;
|
||||||
|
using System.Linq;
|
||||||
using Orchard.FileSystems.AppData;
|
using Orchard.FileSystems.AppData;
|
||||||
using Orchard.Setup.Services;
|
using Orchard.Setup.Services;
|
||||||
using Orchard.Setup.ViewModels;
|
using Orchard.Setup.ViewModels;
|
||||||
@@ -34,7 +38,34 @@ namespace Orchard.Setup.Controllers {
|
|||||||
return View(model);
|
return View(model);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private bool ValidateMachineKey() {
|
||||||
|
// Get the machineKey section.
|
||||||
|
var section = ConfigurationManager.GetSection("system.web/machineKey") as MachineKeySection;
|
||||||
|
|
||||||
|
if (section == null
|
||||||
|
|| section.DecryptionKey.Contains("AutoGenerate")
|
||||||
|
|| section.ValidationKey.Contains("AutoGenerate")) {
|
||||||
|
|
||||||
|
var rng = new RNGCryptoServiceProvider();
|
||||||
|
var decryptionData = new byte[32];
|
||||||
|
var validationData = new byte[64];
|
||||||
|
|
||||||
|
rng.GetBytes(decryptionData);
|
||||||
|
rng.GetBytes(validationData);
|
||||||
|
|
||||||
|
string decryptionKey = BitConverter.ToString(decryptionData).Replace("-", "");
|
||||||
|
string validationKey = BitConverter.ToString(validationData).Replace("-", "");
|
||||||
|
|
||||||
|
ModelState.AddModelError("MachineKey", T("You need to define a MachineKey value in your web.config file. Here is one for you:\n <machineKey validationKey=\"{0}\" decryptionKey=\"{1}\" validation=\"SHA1\" decryption=\"AES\" />", validationKey, decryptionKey).ToString());
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
public ActionResult Index() {
|
public ActionResult Index() {
|
||||||
|
ValidateMachineKey();
|
||||||
|
|
||||||
var initialSettings = _setupService.Prime();
|
var initialSettings = _setupService.Prime();
|
||||||
return IndexViewResult(new SetupViewModel { AdminUsername = "admin", DatabaseIsPreconfigured = !string.IsNullOrEmpty(initialSettings.DataProvider)});
|
return IndexViewResult(new SetupViewModel { AdminUsername = "admin", DatabaseIsPreconfigured = !string.IsNullOrEmpty(initialSettings.DataProvider)});
|
||||||
}
|
}
|
||||||
@@ -49,6 +80,8 @@ namespace Orchard.Setup.Controllers {
|
|||||||
ModelState.AddModelError("ConfirmPassword", T("Password confirmation must match").ToString());
|
ModelState.AddModelError("ConfirmPassword", T("Password confirmation must match").ToString());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
ValidateMachineKey();
|
||||||
|
|
||||||
if (!ModelState.IsValid) {
|
if (!ModelState.IsValid) {
|
||||||
return IndexViewResult(model);
|
return IndexViewResult(model);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -19,8 +19,8 @@
|
|||||||
<defaultSettings timeout="00:30:00"/>
|
<defaultSettings timeout="00:30:00"/>
|
||||||
</system.transactions>
|
</system.transactions>
|
||||||
<system.web>
|
<system.web>
|
||||||
<machineKey validationKey="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000"
|
<machineKey validationKey="AutoGenerate"
|
||||||
decryptionKey="0000000000000000000000000000000000000000000000000000000000000000"
|
decryptionKey="AutoGenerate"
|
||||||
validation="SHA1"
|
validation="SHA1"
|
||||||
decryption="AES" />
|
decryption="AES" />
|
||||||
<httpRuntime requestValidationMode="2.0" />
|
<httpRuntime requestValidationMode="2.0" />
|
||||||
|
|||||||
Reference in New Issue
Block a user